Issue #759
closed
DELETE /v2/repositories/<repo_id>/distributors/<distributor_id>/ requires incorrect permissions
Status:
CLOSED - CURRENTRELEASE
Description
A DELETE call to /v2/repositories/<repo_id>/distributors/<distributor_id>/ requires UPDATE permissions rather than DELETE.
See line 1
@auth_required(UPDATE)
def DELETE(self, repo_id, distributor_id):
# validate resources
manager = manager_factory.repo_distributor_manager()
manager.get_distributor(repo_id, distributor_id)
# delete
task_tags = [
tags.resource_tag(tags.RESOURCE_REPOSITORY_TYPE, repo_id),
tags.resource_tag(tags.RESOURCE_REPOSITORY_DISTRIBUTOR_TYPE, distributor_id),
tags.action_tag('remove_distributor')
]
async_result = repository.distributor_delete.apply_async_with_reservation(
tags.RESOURCE_REPOSITORY_TYPE, repo_id, [repo_id, distributor_id],
tags=task_tags)
raise exceptions.OperationPostponed(async_result)
Note
This will be fixed by the django conversion.
- Triaged changed from No to Yes
- Platform Release set to 2.7.0
- Status changed from ASSIGNED to MODIFIED
- Severity set to 1. Low
- Status changed from MODIFIED to 5
- Status changed from 5 to 6
verified
[root@mgmt4 ~]# http --json -a admin:admin --verify=no POST 'https://localhost/pulp/api/v2/permissions/actions/grant_to_user/' login=testuser resource=/v2/repositories/zoo/distributors/yum_distributor/ operations:='["DELETE"]'
Traceback (most recent call last):
File "/usr/bin/http", line 5, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python2.6/site-packages/pkg_resources.py", line 2655, in <module>
working_set.require(__requires__)
File "/usr/lib/python2.6/site-packages/pkg_resources.py", line 648, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python2.6/site-packages/pkg_resources.py", line 546, in resolve
raise DistributionNotFound(req)
pkg_resources.DistributionNotFound: argparse>=1.2.1
[root@mgmt4 ~]#
[root@mgmt4 ~]# pulp-admin auth
Usage: pulp-admin [SUB_SECTION, ..] COMMAND
Description: manage users, roles and permissions
[root@mgmt4 ~]# pulp-admin auth permission grant --resource /v2/repositories/zoo/distributors/yum_distributor/ --login testuser
Command: grant
Description: grants resource permissions to given user or given role
Usage: you can specify either login or role-id in this command; both cannot be
specified at the same time
Available Arguments:
--resource - (required) resource REST API path whose permissions are being
manipulated
--login - login of the user to which access to given resource is being
granted
--role-id - id of the role to which access to given resource is being granted
-o - (required) type of permissions being granted, valid permissions:
create, read, update, delete, execute
The following options are required but were not specified:
-o
[root@mgmt4 ~]# pulp-admin auth permission grant --resource /v2/repositories/zoo/distributors/yum_distributor/ --login testuser -o DELETE
Permissions [/v2/repositories/zoo/distributors/yum_distributor/ : ['DELETE']]
successfully granted to user [testuser]
[root@mgmt4 ~]# curl -H "Accept: application/json" -X DELETE -k -u testuser:test 'https://localhost/pulp/api/v2/repositories/zoo/distributors/yum_distributor/'
{"spawned_tasks": [{"_href": "/pulp/api/v2/tasks/5057b938-baf8-47ca-bdd7-976aa61b9c58/", "task_id": "5057b938-baf8-47ca-bdd7-976aa61b9c58"}], "result": null, "error": null}[root@mgmt4 ~]#
[root@mgmt4 ~]#
[root@mgmt4 ~]#
- Status changed from 6 to CLOSED - CURRENTRELEASE
Also available in: Atom
PDF
.